nil0x42 edited this page Apr 25, 2015 · 12 revisions

Debug mode

The rootkit provides a debug mode, which is enabled by defining DEBUG_MODE at compile time.

Enabling debug mode

Defining DEBUG_MODE enables debug mode at compile time; its value selects the level of detail.

Usage:

    #define DEBUG_MODE (1)

  • if DEBUG_MODE == 1:

    enable basic debugging

    E.g.: [BEURK]: init() constructor loaded

  • if DEBUG_MODE == 2:

    enable debugging with the source file and line number that emitted each message.

    E.g.: [BEURK<init.c:83>]: init() constructor loaded

Setting default debug output file

The DEBUG_FILE define sets the file that debug messages are written to.

Usage:

    #define DEBUG_FILE "/tmp/beurk-rootkit.log"

  • Default value: /dev/stderr

Changing debug output file at runtime

The destination file for debug messages can be overridden at runtime, through the BEURK_DEBUG_FILE environment variable.

Note that if the rootkit hasn't been compiled with DEBUG_MODE, this option has no effect.

Usage:

    BEURK_DEBUG_FILE="/dev/stdout" ls -la